1 // GoGOST -- Pure Go GOST cryptographic functions library
2 // Copyright (C) 2015-2016 Sergey Matveev <stargrave@stargrave.org>
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with this program. If not, see <http://www.gnu.org/licenses/>.
27 func TestRFCVectors(t *testing.T) {
29 0x28, 0x3b, 0xec, 0x91, 0x98, 0xce, 0x19, 0x1d,
30 0xee, 0x7e, 0x39, 0x49, 0x1f, 0x96, 0x60, 0x1b,
31 0xc1, 0x72, 0x9a, 0xd3, 0x9d, 0x35, 0xed, 0x10,
32 0xbe, 0xb9, 0x9b, 0x78, 0xde, 0x9a, 0x92, 0x7a,
35 0x0b, 0xd8, 0x6f, 0xe5, 0xd8, 0xdb, 0x89, 0x66,
36 0x8f, 0x78, 0x9b, 0x4e, 0x1d, 0xba, 0x85, 0x85,
37 0xc5, 0x50, 0x8b, 0x45, 0xec, 0x5b, 0x59, 0xd8,
38 0x90, 0x6d, 0xdb, 0x70, 0xe2, 0x49, 0x2b, 0x7f,
41 0xda, 0x77, 0xff, 0x87, 0x1a, 0x10, 0xfb, 0xdf,
42 0x27, 0x66, 0xd2, 0x93, 0xc5, 0xd1, 0x64, 0xaf,
43 0xbb, 0x3c, 0x7b, 0x97, 0x3a, 0x41, 0xc8, 0x85,
44 0xd1, 0x1d, 0x70, 0xd6, 0x89, 0xb4, 0xf1, 0x26,
47 0x2d, 0xfb, 0xc1, 0xb3, 0x72, 0xd8, 0x9a, 0x11,
48 0x88, 0xc0, 0x9c, 0x52, 0xe0, 0xee, 0xc6, 0x1f,
49 0xce, 0x52, 0x03, 0x2a, 0xb1, 0x02, 0x2e, 0x8e,
50 0x67, 0xec, 0xe6, 0x67, 0x2b, 0x04, 0x3e, 0xe5,
53 0x01, 0x45, 0x6c, 0x64, 0xba, 0x46, 0x42, 0xa1,
54 0x65, 0x3c, 0x23, 0x5a, 0x98, 0xa6, 0x02, 0x49,
55 0xbc, 0xd6, 0xd3, 0xf7, 0x46, 0xb6, 0x31, 0xdf,
56 0x92, 0x80, 0x14, 0xf6, 0xc5, 0xbf, 0x9c, 0x40,
57 0x41, 0xaa, 0x28, 0xd2, 0xf1, 0xab, 0x14, 0x82,
58 0x80, 0xcd, 0x9e, 0xd5, 0x6f, 0xed, 0xa4, 0x19,
59 0x74, 0x05, 0x35, 0x54, 0xa4, 0x27, 0x67, 0xb8,
60 0x3a, 0xd0, 0x43, 0xfd, 0x39, 0xdc, 0x04, 0x93,
63 c, err := NewCurveFromParams(CurveParamsGostR34102001Test)
67 prv, err := NewPrivateKey(c, DigestSize2001, priv)
71 pub, err := prv.PublicKey()
75 if bytes.Compare(pub.Raw()[:32], pubX) != 0 {
78 if bytes.Compare(pub.Raw()[32:], pubY) != 0 {
81 ourSign, err := prv.SignDigest(digest, rand.Reader)
85 valid, err := pub.VerifyDigest(digest, ourSign)
86 if err != nil || !valid {
89 valid, err = pub.VerifyDigest(digest, signature)
90 if err != nil || !valid {
95 func TestRandom2001(t *testing.T) {
96 c, _ := NewCurveFromParams(CurveParamsGostR34102001Test)
97 f := func(data [31]byte, digest [32]byte) bool {
98 prv, err := NewPrivateKey(
101 append([]byte{0xde}, data[:]...),
106 pub, err := prv.PublicKey()
111 pub, err = NewPublicKey(c, DigestSize2001, pubRaw)
115 sign, err := prv.SignDigest(digest[:], rand.Reader)
119 valid, err := pub.VerifyDigest(digest[:], sign)
125 if err := quick.Check(f, nil); err != nil {
130 func BenchmarkSign2001(b *testing.B) {
131 c, _ := NewCurveFromParams(CurveParamsGostR34102001Test)
132 prv, err := GenPrivateKey(c, DigestSize2001, rand.Reader)
136 digest := make([]byte, 32)
139 for i := 0; i < b.N; i++ {
140 prv.SignDigest(digest, rand.Reader)
144 func BenchmarkVerify2001(b *testing.B) {
145 c, _ := NewCurveFromParams(CurveParamsGostR34102001Test)
146 prv, err := GenPrivateKey(c, DigestSize2001, rand.Reader)
150 digest := make([]byte, 32)
152 sign, err := prv.SignDigest(digest, rand.Reader)
156 pub, err := prv.PublicKey()
161 for i := 0; i < b.N; i++ {
162 pub.VerifyDigest(digest, sign)
166 func TestVKO(t *testing.T) {
167 c, _ := NewCurveFromParams(CurveParamsGostR34102001Test)
168 ukm, _ := hex.DecodeString("33a252f825be7251")
169 prvRaw1, _ := hex.DecodeString("1df129e43dab345b68f6a852f4162dc69f36b2f84717d08755cc5c44150bf928")
170 prvRaw2, _ := hex.DecodeString("5b9356c6474f913f1e83885ea0edd5df1a43fd9d799d219093241157ac9ed473")
171 kek, _ := hex.DecodeString("ee4618a0dbb10cb31777b4b86a53d9e7ef6cb3e400101410f0c0f2af46c494a6")
172 prv1, _ := NewPrivateKey(c, DigestSize2001, prvRaw1)
173 prv2, _ := NewPrivateKey(c, DigestSize2001, prvRaw2)
174 pub1, _ := prv1.PublicKey()
175 pub2, _ := prv2.PublicKey()
176 kek1, _ := prv1.KEK(pub2, ukm)
177 kek2, _ := prv2.KEK(pub1, ukm)
178 if bytes.Compare(kek1, kek2) != 0 {
181 if bytes.Compare(kek1, kek) != 0 {
186 func TestRandomVKO(t *testing.T) {
187 c, _ := NewCurveFromParams(CurveParamsGostR34102001Test)
188 f := func(prvRaw1 [32]byte, prvRaw2 [32]byte, ukm [8]byte) bool {
189 prv1, err := NewPrivateKey(c, DigestSize2001, prvRaw1[:])
193 prv2, err := NewPrivateKey(c, DigestSize2001, prvRaw2[:])
197 pub1, _ := prv1.PublicKey()
198 pub2, _ := prv2.PublicKey()
199 kek1, _ := prv1.KEK(pub2, ukm[:])
200 kek2, _ := prv2.KEK(pub1, ukm[:])
201 return bytes.Compare(kek1, kek2) == 0
203 if err := quick.Check(f, nil); err != nil {